 |
|
| Encryption Technologies: Examples |
SSL for SAS/SHARE under z/OS: Example
| Startup of a Multi-User SAS/SHARE Server |
After certificates for the CA, the server, and the client have been generated, and a CA trust list for the client has been created, you can start a SAS/SHARE server.
Here is an example of starting a secured SAS/SHARE server:
%let tcpsec=_secure_; options netencryptalgorithm=ssl; options sslpkcs12loc="/users/johndoe/certificates/server.p12; options sslpkcs12pass="password"; proc server id=shrserv authenticate=opt; run;
The following table lists the SAS option or statement that is used for each task to start a server.
| SAS Options, Statements, and Arguments | Server Start-Up Tasks |
|---|---|
| TCPSEC= _SECURE_ | Secures the server |
| NETENCRALG=SSL | Specifies SSL as the encryption algorithm |
| SSLPKCS12LOC=server.p12 | Specifies the filepath for the location of the server's private key |
| SSLPKCS12PASS="password" | Specifies the password to access server's private key |
| PROC SERVER ID=shrserv | Starts the server |
| AUTHENTICATE=opt | Allows trusted users to access the server without authentication |
| SAS/SHARE Client Access of a SAS/SHARE Server |
After a SAS/SHARE server has been started, the client can access it.
Here is an example of how to make a client connection to a secured SAS/SHARE server:
options sslcalistloc="/users/johndoe/certificates/cacerts.pem"; %let machine=apex.server.com; libname a '.' server=machine.shrserv user=_prompt_;
The following table lists the SAS options that are used to access a SAS/SHARE server from a client.
| SAS Options and Arguments | Client Access Tasks |
|---|---|
| SSLCALISTLOC=cacerts.pem | Specifies the CA trust list |
| SERVER=machine.shrserv | Specifies the machine and server to connect to |
| USER=_PROMPT_ | Prompts for the user ID and password to be used for authenticating the client to the server |
The server-ID and the server's Common Name, which was specified in the server's certificate, must be identical.
|
|
Copyright © 2010 by SAS Institute Inc., Cary, NC, USA. All rights reserved.